[Zope] Zope 2.5.0 acl_users encrypt passwords lock users out!
Joachim Werner
joe@iuveno-net.de
Wed, 30 Jan 2002 18:12:41 +0100
Hi!
I haven't verified that yet, but it would be a bug. The user folder we built
for Kontentor uses the encryption stuff, too, but it falls back to
unencrypted passwords if the user has created the password earlier.
> Using the property tab of acl_users, a strange behaviour occurs, which I
> could reproduce on Linux and Windows boxes. If you choose password
encrypting
> and save all users in this folder get encrypted passwords and no one of
these
> can log in anymore ... this seems rather fatal if the administrator thinks
he
> could improve security but in fact just locks out the site members. Any
idea?
> Urgently hoping for help.
Joachim